IEEE Access (Jan 2023)

CRSF: An Intrusion Detection Framework for Industrial Internet of Things Based on Pretrained CNN2D-RNN and SVM

  • Shiming Li,
  • Guangzhao Chai,
  • Yuhe Wang,
  • Guohui Zhou,
  • Zhenxing Li,
  • Dan Yu,
  • Rencai Gao

DOI
https://doi.org/10.1109/ACCESS.2023.3307429
Journal volume & issue
Vol. 11
pp. 92041 – 92054

Abstract

Read online

The traditional support vector machine (SVM) requires manual feature extraction to improve classification performance and relies on the expressive power of manually extracted features. However, this characteristic poses limitations in complex Industrial Internet of Things (IIoT) environments. Traditional manual feature extraction may fail to capture all relevant information, thereby restricting the application effectiveness of SVM in IIoT settings. CNN-RNN, as a deep learning network capable of simultaneously extracting spatial and temporal features, can alleviate researchers’ burden. In this paper, we propose a novel intrusion detection system (IDS) framework based on anomalies, called CRSF. The framework’s pre-training part employs a dimension transformation function to process input data into two-dimensional images. Two-dimensional convolutional kernels are then employed to extract spatial features, and the feature sequences are passed to an RNN to capture richer temporal features. After sufficient pre-training, SVM is used as a classifier to map the pre-training data from the feature space to a high-dimensional space and learn nonlinear decision boundaries, enabling the framework to accurately differentiate feature representations of different classes. Simulation experiments on the TON_IoT-Datasets demonstrate the effectiveness of the CRSF framework in intrusion detection. When using the “linear” kernel function in SVM, the framework achieves an accuracy, F1-score, and AUC of 0.9959, 0.9959, and 0.9977, respectively, indicating its capability and superiority in intrusion detection.

Keywords